VYPR
Vendor

Snipsnap

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2004-1470Dec 31, 2004
    risk 0.03cvss epss 0.02

    CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server.

  • CVE-2014-9559Feb 3, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search.

  • CVE-2014-5891Sep 15, 2014
    risk 0.00cvss epss 0.00

    The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.